Tag: ciso
-
How the generative AI boom opens up new privacy and cybersecurity risks
Privacy and cybersecurity risks: Another major problem lies in potential privacy and cybersecurity breaches, both for end users and for the companies themselves.Panda warns how AIs fed with large amounts of personal data can become a gateway to fraud or to create much more sophisticated and infallible attacks if they fall into the wrong hands.…
-
A CISO’s guide to monitoring the dark web
Tags: access, attack, authentication, breach, ciso, cloud, credentials, cyber, cybercrime, dark-web, data, data-breach, detection, extortion, guide, identity, incident response, intelligence, law, leak, marketplace, mfa, monitoring, okta, risk, saas, service, supply-chain, technology, threat, vpn, vulnerabilityIs your company data on the dark web? Here’s what to look for and what do if your data now lives on the dark web. Sıla Özeren / Picus Security If you’re looking for broader threats against your organization, pay close attention to what initial access brokers (IABs) are offering for sale on the dark…
-
How the generative AI boom opens up new privacy and cybersecurity risks
Privacy and cybersecurity risks: Another major problem lies in potential privacy and cybersecurity breaches, both for end users and for the companies themselves.Panda warns how AIs fed with large amounts of personal data can become a gateway to fraud or to create much more sophisticated and infallible attacks if they fall into the wrong hands.…
-
A CISO’s guide to monitoring the dark web
Tags: access, attack, authentication, breach, ciso, cloud, credentials, cyber, cybercrime, dark-web, data, data-breach, detection, extortion, guide, identity, incident response, intelligence, law, leak, marketplace, mfa, monitoring, okta, risk, saas, service, supply-chain, technology, threat, vpn, vulnerabilityIs your company data on the dark web? Here’s what to look for and what do if your data now lives on the dark web. Sıla Özeren / Picus Security If you’re looking for broader threats against your organization, pay close attention to what initial access brokers (IABs) are offering for sale on the dark…
-
AI will drive purchases this year, but not without questions
AI is moving into security operations, but CISOs are approaching it with a mix of optimism and realism. A new report from Arctic Wolf shows that most organizations are … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/03/report-ai-in-security-operations/
-
Warning: Flaws in Copeland OT controllers can be leveraged by threat actors
Tags: access, authentication, ciso, control, cybersecurity, exploit, flaw, group, identity, incident response, intelligence, Internet, network, penetration-testing, risk, service, threat, tool, update, vulnerability, zero-trustCSO. “Persons responsible for the management of OT devices are focused on production and reliability of service, not security. As a result, you frequently encounter OT devices that are insecure.”To ensure security, organizations have to move towards a zero trust architecture for deploying OT devices, Beggs said. That includes verifying user identity, enforcing multifactor authentication,…
-
TDL 002 – Defending the DNS: How Quad9 Protects the Internet with John Todd
Tags: access, apple, attack, business, china, ciso, communications, control, country, crime, cyber, cybersecurity, data, defense, dns, email, encryption, firewall, google, ibm, india, infrastructure, intelligence, Internet, jobs, law, malicious, malware, network, phishing, privacy, service, strategy, technology, threat, tool, zero-trustSummary The Defender’s Log episode features John Todd from Quad9, discussing their mission to protect the internet through secure DNS. Quad9, a non-profit launched in 2017 with founding partners Global Cyber Alliance, Packet Clearing House, and IBM, provides a free, global recursive DNS resolver that blocks malicious domains. Todd emphasizes that Quad9’s success is a…
-
Proving Security’s Value in the Age of AI: Why CISOs Must Use CRQ to Compete for Budget
A CISO at a major fast-food retailer recently told me: “No security investments will be approved unless I make the AI case. I need to show that each investment either Read More First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/proving-securitys-value-in-the-age-of-ai-why-cisos-must-use-crq-to-compete-for-budget/
-
Proving Security’s Value in the Age of AI: Why CISOs Must Use CRQ to Compete for Budget
A CISO at a major fast-food retailer recently told me: “No security investments will be approved unless I make the AI case. I need to show that each investment either Read More First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/proving-securitys-value-in-the-age-of-ai-why-cisos-must-use-crq-to-compete-for-budget/
-
Proving Security’s Value in the Age of AI: Why CISOs Must Use CRQ to Compete for Budget
A CISO at a major fast-food retailer recently told me: “No security investments will be approved unless I make the AI case. I need to show that each investment either Read More First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/proving-securitys-value-in-the-age-of-ai-why-cisos-must-use-crq-to-compete-for-budget/
-
CISSP certification: Requirements, training, exam, and cost
Tags: access, business, china, ciso, cloud, computer, credentials, cybersecurity, government, guide, infosec, jobs, linkedin, network, risk, risk-management, skills, trainingWho should get a CISSP?: CISSP has been called the “gold standard” of security certifications. “From the hiring side, the CISSP remains one of the most valued certifications I look for,” says Ankit Gupta, Senior Security Engineer at Exeter Finance. “It shows a candidate has a firm grasp of security principles across multiple domains, and…
-
Cyberrisiko KI-Coding Angriffsfläche steigt durch unsicheren Code
Checkmarx hat die Ergebnisse des jährlichen Reports ‘Future of Application Security in the Era of AI” veröffentlicht. Die Studie zeichnet ein umfassendes Bild davon, wie KI-gestützte Softwareentwicklung die Risikolandschaft nachhaltig verändert und gibt konkrete Handlungsempfehlungen für das kommende Jahr. Befragt wurden rund 1.500 CISOs, AppSec-Verantwortliche und Entwickler aus Nordamerika, Europa und dem asiatisch-pazifischen Raum. […]…
-
Agentic AI: A CISO’s security nightmare in the making?
Tags: access, ai, antivirus, api, attack, automation, ciso, compliance, cybersecurity, data, defense, detection, email, endpoint, exploit, framework, governance, law, leak, malicious, malware, open-source, privacy, risk, service, strategy, supply-chain, tool, vulnerabilityFree agents: Autonomy breeds increased risks: Agentic AI introduces the ability to make independent decisions and act without human oversight. This capability presents its own cybersecurity risk by potentially leaving organizations vulnerable.”Agentic AI systems are goal-driven and capable of making decisions without direct human approval,” Joyce says. “When objectives are poorly scoped or ambiguous, agents…
-
12 Days Left to Nominate Yourself for the Prestigious CSO30 Awards 2025 Celebrating Security Leadership & Innovation
The CSO30 Awards are a mark of excellence, recognizing CISOs and CSOs who have fundamentally changed the way their organizations are protected and operate, while driving positive business outcomes through effective risk mitigation strategies.Winners join an exclusive community of security leaders celebrated globally, with recognition spanning the U.S., Europe, ASEAN, Asia/Pacific, and now the Middle…
-
Women cyber leaders are on the rise, and paying it forward
Tags: ciso, cloud, cyber, cybersecurity, data, defense, finance, google, group, insurance, international, jobs, lessons-learned, network, office, privacy, risk, service, skills, software, strategy, supply-chain, technologyCarol Lee Hobson, CISO, PayNearMe PayNearMeStill, companies could be doing more to bring women into cybersecurity positions, says Lauren Winchester, vice president of cyber risk services at Travelers.”Women make up more than half of the population yet represent roughly 20% of the cybersecurity workforce. While the number of women in cyber has increased over the…
-
KI als Cybercrime-Copilot
Tags: ai, business, ciso, cyberattack, cybercrime, dns, group, injection, intelligence, malware, openai, ransomware, RedTeam, sans, strategy, threat, toolDas KI-gestützte Entwickler-Tool Claude Code hat einem Cyberkriminellen dabei geholfen, in Netzwerke einzudringen.CISOs und Sicherheitsentscheider rechnen schon seit längerem damit, dass Cyberangriffe nicht mehr von Menschen mit KI-Tools, sondern von KI-Systemen selbst ausgehen. Diese Befürchtung hat sich nun mit neuen Forschungserkenntnissen bestätigt. So offenbart Anthropics aktueller Threat Intelligence Report , dass das KI-gestützte Entwickler-Tool Claude…
-
KI als Cybercrime-Copilot
Tags: ai, business, ciso, cyberattack, cybercrime, dns, group, injection, intelligence, malware, openai, ransomware, RedTeam, sans, strategy, threat, toolDas KI-gestützte Entwickler-Tool Claude Code hat einem Cyberkriminellen dabei geholfen, in Netzwerke einzudringen.CISOs und Sicherheitsentscheider rechnen schon seit längerem damit, dass Cyberangriffe nicht mehr von Menschen mit KI-Tools, sondern von KI-Systemen selbst ausgehen. Diese Befürchtung hat sich nun mit neuen Forschungserkenntnissen bestätigt. So offenbart Anthropics aktueller Threat Intelligence Report , dass das KI-gestützte Entwickler-Tool Claude…
-
KI greift erstmals autonom an
Tags: ai, business, ciso, cyberattack, cybercrime, dns, group, injection, intelligence, malware, openai, ransomware, RedTeam, sans, strategy, threat, toolDas KI-gestützte Entwickler-Tool Claude Code hat einem Cyberkriminellen dabei geholfen, in Netzwerke einzudringen.CISOs und Sicherheitsentscheider rechnen schon seit längerem damit, dass Cyberangriffe nicht mehr von Menschen mit KI-Tools, sondern von KI-Systemen selbst ausgehen. Diese Befürchtung hat sich nun mit neuen Forschungserkenntnissen bestätigt. So offenbart Anthropics aktueller Threat Intelligence Report , dass das KI-gestützte Entwickler-Tool Claude…
-
Is Your IAM Solution Truly Scalable?
Is Your Identity and Access Management Approach Up to the Task? Could you be unknowingly compromising your cybersecurity by overlooking the importance of Non-Human Identities (NHIs) and Secrets Security Management? These vital aspects of Identity and Access Management (IAM) are critical in managing access control. Cybersecurity professionals and CISOs need to pay attention to the……
-
Cybercrime increasingly moving beyond financial gains
Tags: attack, awareness, business, ciso, computer, corporate, cyber, cyberattack, cybercrime, cybersecurity, defense, disinformation, espionage, finance, government, group, hacker, hacking, incident response, infrastructure, intelligence, iran, malicious, military, network, ransom, ransomware, risk, risk-analysis, russia, strategy, theft, threat, tool, ukraine, vulnerability, wormsrcset=”https://b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?quality=50&strip=all 892w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=223%2C300&quality=50&strip=all 223w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=768%2C1033&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=761%2C1024&quality=50&strip=all 761w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=518%2C697&quality=50&strip=all 518w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=125%2C168&quality=50&strip=all 125w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=62%2C84&quality=50&strip=all 62w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=357%2C480&quality=50&strip=all 357w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=268%2C360&quality=50&strip=all 268w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=186%2C250&quality=50&strip=all 186w” width=”761″ height=”1024″ sizes=”auto, (max-width: 761px) 100vw, 761px”> Incibe. En la imagen, Patricia Alonso GarcÃa.”We are very redundant when talking about cybercrime, because we always associate it with economic motivations,” says Hervé Lambert, global consumer operations…
-
Finding connection and resilience as a CISO
With sensitive information to protect and reputational risk always in the background, it isn’t easy for security leaders to have open conversations about what’s working and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/29/michael-green-trellix-ciso-community-building/
-
Bridging the IT-OT Security Divide in Manufacturing
CISO Tammy Klotz Discusses the Value of Peer Support in Advance of ManuSec 2025. Manufacturers face many challenges in securing OT and IT systems, from legacy technology to managing vulnerabilities. Tammy Klotz, CISO at Trinseo and last year’s ManuSec Summit event chair, discusses the value of sharing firsthand insights with a cybersecurity community. First seen…
-
Your Map for the Cloud Security Maze: An Integrated Cloud Security Solution That’s Part of an Exposure Management Approach
Tags: access, ai, attack, automation, business, ciso, cloud, container, control, cyber, cybersecurity, data, exploit, guide, identity, infrastructure, intelligence, kubernetes, mitigation, risk, strategy, threat, tool, vulnerability, vulnerability-managementCheck out highlights from the IDC white paper “Bridging Cloud Security and Exposure Management for Unified Risk Reduction,” which explains how CNAPPs help security teams tame the complexity of multi-cloud environments by shifting from a reactive, alert-driven model to a proactive exposure management strategy. Organizations’ rapid expansion into the cloud has created a complex and…
-
How Gainesville Regional Utilities is locking down vendor risk
Tags: access, breach, business, cio, ciso, compliance, conference, cyber, data, finance, group, HIPAA, infrastructure, malicious, penetration-testing, risk, risk-assessment, risk-management, service, soc, strategy, threat, vulnerabilityIntake and triage: The requesting business unit submits an intake form detailing the vendor’s responsibilities, the IT service involved, the types of data needed, and any required system access. The IT security team then conducts an initial risk triage.Detailed assessment: If the vendor poses a moderate or high risk, it must complete a security questionnaire…
-
2025 CSO Hall of Fame: George Finney on decryption risks, AI, and the CISO’s growing clout
Tags: ai, attack, automation, breach, business, ciso, computing, conference, cyber, cybersecurity, data, encryption, intelligence, jobs, LLM, microsoft, risk, soc, threat, tool, zero-trustWhat do you see as the biggest cybersecurity challenges for the next generation of CISOs, and how should they prepare? : George Finney: One major challenge is the threat of attackers saving encrypted data today with the intention of decrypting it later. With quantum computing, we know that in five to 10 years, older encryption…
-
The CISO succession crisis: why companies have no plan and how to change that
The technical-to-strategic divide: One major obstacle keeping many mid-level security pros from becoming CISOs isn’t their tech skills, it’s learning to shift from doing hands-on security work to acting as strategic business partners. That change takes a whole new set of skills and a different way of thinking.”I think you see this with a lot…
-
7 Anzeichen für akuten MSSP-Bedarf
Tags: best-practice, ceo, ciso, compliance, cyber, cybersecurity, data, incident, incident response, intelligence, mssp, service, soc, software, threat, tool, updateManaged Security Service Provider können das Sicherheitsniveau nachhaltig steigern.Ein Managed Security Service Provider (MSSP) bietet seinen Kunden ein umfassendes Spektrum an Sicherheits-Services. Als Drittanbieter kann ein MSSP die Arbeitsbelastung der internen IT-Teams deutlich reduzieren und Zeit freisetzen, um sich mit essenziellen Unternehmensprozessen und strategischen Überlegungen auseinanderzusetzen. Darüber hinaus kann ein MSSP unter anderem auch dazu…
-
How CISOs are balancing risk, pressure and board expectations
AI has moved to the top of the CISO agenda. Three in five CISOs see generative AI as a security risk, with many worried about sensitive data leaking through public tools. At … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/28/proofpoint-2025-voice-of-the-ciso-report/
-
Anthropic detects the inevitable: genAI-only attacks, no humans involved
Tags: ai, attack, business, ciso, control, cybercrime, cybersecurity, defense, dns, infrastructure, injection, intelligence, malicious, malware, open-source, openai, RedTeam, threat, tool, warfarenot find.”There is potentially a lot of this activity we’re not seeing. Anthropic being open about their platform being used for malicious activities is significant, and OpenAI has recently shared the same as well. But will others open up about what is already likely happening?” Brunkard asked. “Or maybe they haven’t shared because they don’t…